Update dependency pdfjs-dist to v4 [SECURITY]

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
pdfjs-dist (source)	2.7.570 → 4.2.67

---

PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF

CVE-2024-4367 / GHSA-wgrm-67xf-hhpq

More information

Details

Impact

If pdf.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain.

Patches

The patch removes the use of eval:
https://github.com/mozilla/pdf.js/pull/18015

Workarounds

Set the option isEvalSupported to false.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1893645

Severity

• CVSS Score: 8.8 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

• https://github.com/mozilla/pdf.js/security/advisories/GHSA-wgrm-67xf-hhpq
• https://github.com/mozilla/pdf.js/pull/18015
• https://github.com/mozilla/pdf.js/commit/85e64b5c16c9aaef738f421733c12911a441cec6
• https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
• https://nvd.nist.gov/vuln/detail/CVE-2024-4367
• https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
• https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
• https://www.mozilla.org/security/advisories/mfsa2024-21
• https://www.mozilla.org/security/advisories/mfsa2024-22
• https://www.mozilla.org/security/advisories/mfsa2024-23
• http://seclists.org/fulldisclosure/2024/Aug/30
• https://github.com/gogs/gogs/issues/7928
• https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js
• https://github.com/mozilla/pdf.js/releases/tag/v4.2.67
• https://www.exploit-db.com/exploits/52273
• https://github.com/advisories/GHSA-wgrm-67xf-hhpq

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

mozilla/pdf.js (pdfjs-dist)

v4.2.67

Compare Source

This release includes a new JPX decoder, based on OpenJPEG, which improves JPX image rendering performance and correctness. Moreover, this release contains improvements for the annotation editor, font conversion and the viewer.

Note that text selection boxes for some PDF files may overlap visually. This is a known issue that we currently track in #​17561.

Changes since v4.1.392

• Bump the stable version in pdfjs.config by @​timvandermeij in #​17924
• Convert the history code to use proper private methods by @​timvandermeij in #​17925
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​17927
• Remove the tag for missing font subset when trying to find a substitution by @​calixteman in #​17930
• Fix resetting of cursor-tools when closing the document (PR 17464 follow-up) by @​Snuffleupagus in #​17933
• Warn when a non-embedded font has an invalid name by @​calixteman in #​17934
• Remove the mkdirp dependency in favor of the built-in Node.js fs.mkdirSync by @​timvandermeij in #​17935
• Improve type definitions for the viewer by @​ex37 in #​17879
• Fix the "must check that invisible fields are made visible" scripting integration test by @​timvandermeij in #​17940
• Remove the rimraf dependency in favor of the built-in Node.js fs.rmSync in the test folder by @​timvandermeij in #​17938
• [api-minor] Update the minimum supported Safari version to 16.4 by @​Snuffleupagus in #​17942
• Fix the "must check that a field has the correct value when a choice is changed" scripting integration test by @​timvandermeij in #​17947
• [api-minor] Add a jpx decoder based on OpenJPEG 2.5.2 by @​calixteman in #​17946
• Bump library version to 4.2 by @​Snuffleupagus in #​17949
• Build the openjpeg-based decoder in a web environment in order to avoid issues when used in node by @​calixteman in #​17954
• Fix JpxImage API issues (PR 17946 follow-up) by @​timvandermeij in #​17951
• [JPX] Throw an exception with the error messages returned by openjpeg by @​calixteman in #​17956
• [Editor] Provide an element to render in the annotation layer after a freetext has been edited (bug 1890535) by @​calixteman in #​17914
• Remove waitForTimeout usage from the helper functions by @​timvandermeij in #​17966
• Remove some event listeners with signal in the viewer by @​Snuffleupagus in #​17964
• [Editor] Don't show the context menu when resizing by @​calixteman in #​17973
• Correctly update the xref table when an annotation is deleted by @​calixteman in #​17970
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​17972
• Improve jpx decoding by around 20% in enabling simd support when compiling OpenJPEG by @​calixteman in #​17983
• [api-minor] Remove the image-related error message prefixes by @​Snuffleupagus in #​17979
• Use the pdf.js warn when using jpx decoder by @​calixteman in #​17985
• Extend the globally cached image main-thread copying to "complex" images as well (PR 17428 follow-up) by @​Snuffleupagus in #​17978
• Update JpxImage.parseImageProperties to support TypedArray data in IMAGE_DECODERS builds by @​Snuffleupagus in #​17977
• Add signal-support in the EventBus, and utilize it in the viewer (PR 17964 follow-up) by @​Snuffleupagus in #​17967
• Set correctly the change property for the event triggered when a choice list is changed by @​calixteman in #​17999
• Remove all waitForTimeout usage from the annotation integration tests by @​timvandermeij in #​17969
• Validate explicit destinations on the worker-thread to prevent DataCloneError (issue 17981) by @​Snuffleupagus in #​17984
• Allow to insert several annotations under the same parent in the structure tree by @​calixteman in #​17986
• Always enable smoothing when rendering downscaled image by @​calixteman in #​17868
• Simplify the way to pass the glyph drawing instructions from the worker to the main thread by @​calixteman in #​18015
• Validate additional font-dictionary properties by @​Snuffleupagus in #​18014
• Add more validation of width-data by @​Snuffleupagus in #​18017
• Reduce code-duplication when caching data in CompiledFont.getPathJs by @​Snuffleupagus in #​18018
• Re-factor SimpleLinkService to extend PDFLinkService by @​Snuffleupagus in #​18013
• [api-minor] Move the page reference/number caching into the API by @​Snuffleupagus in #​18001

v4.1.392

Compare Source

This release features improvements, bugfixes and optimizations for accessibility, annotation rendering, annotation editing, font rendering, form handling, image rendering, text selection and the viewer.

Note that text selection boxes for some PDF files may overlap visually. This is a known issue that we currently track in #​17561.

Changes since v4.0.379

• Bump the stable version in pdfjs.config by @​timvandermeij in #​17474
• [Editor] Take into account the crop box when saving/printing some highlighted text (bug 1872721) by @​calixteman in #​17475
• Update Puppeteer to version 21.7.0 by @​calixteman in #​17477
• Avoid to have the text layer mismatching the rendered text with mismatching locales (bug 1869001) by @​calixteman in #​17476
• Preserve the whitespaces when getting text from FreeText annotations (bug 1871353) by @​calixteman in #​17458
• [Editor] Init the default highlight color before creating the first editor instance by @​calixteman in #​17481
• Update packages and translations by @​Snuffleupagus in #​17482
• Remove terminal white spaces when extracting text from annotation appearances by @​calixteman in #​17487
• Bump follow-redirects from 1.15.3 to 1.15.4 by @​dependabot in #​17494
• [Editor] Don't throw when changing the color of an invisible highlight by @​calixteman in #​17498
• [Editor] Move the code to generate the SVG path from draw_layer.js to outliner.js by @​calixteman in #​17499
• [Editor] Correctly serialize highlight data (regression from #​17499) by @​calixteman in #​17501
• [api-minor] Validate the workerPort/workerSrc options by @​Snuffleupagus in #​17504
• Add note about running npm install on MacOS by @​nicolo-ribaudo in #​17490
• Bump library version to 4.1 by @​Snuffleupagus in #​17507
• Update gulp-cli to 2.3.0 and explicitly add it as a dependency by @​nicolo-ribaudo in #​17489
• Consistently remove the "visibilitychange" listener in PDFViewer (PR 14388 follow-up) by @​Snuffleupagus in #​17508
• Update l10n files by @​calixteman in #​17513
• [Editor] Extract all the lines when adding a FreeText annotation by @​calixteman in #​17511
• Take into account empty lines when extracting text content from the appearance by @​calixteman in #​17512
• [Editor] Draw a line instead of a Bezier curve when an Ink has only one point by @​calixteman in #​17514
• [Editor] Slightly simplify the serialization of an highlight annotation by @​calixteman in #​17517
• [Editor] Make editors draggable with touchscreens by @​calixteman in #​17519
• Add the font Linux Libertine as a possible substitution for Times New Roman by @​calixteman in #​17405
• Format json files in using prettier by @​calixteman in #​17525
• [Editor] Avoid an exception when pressing space key to change the color of an highlight by @​calixteman in #​17527
• Exclude the web/locale/ folder from linting (PR 17525 follow-up) by @​Snuffleupagus in #​17529
• [Editor] Avoid to move a non-draggable editor with the keyboard by @​calixteman in #​17528
• [Editor] Add the ability to make a free highlight (i.e. without having to select some text) (bug 1856218) by @​calixteman in #​17506
• [Editor] Change the arrow direction when the dropdown is visible in the color picker (bug 1875357) by @​calixteman in #​17534
• Make the caret visible in the text layer in caret browsing mode by @​calixteman in #​17533
• [Editor] Add support for printing/saving free highlight annotations by @​calixteman in #​17531
• Remove the isArrayBuffer helper function by @​Snuffleupagus in #​17537
• Update packages and translations by @​Snuffleupagus in #​17544
• Ignore auto-formatting patches in git blame by @​Snuffleupagus in #​17546
• Remove DNS resolver workaround from the test framework by @​timvandermeij in #​17547
• [Editor] Unselect highlights when the user click on the text layer (bug 1869767) by @​calixteman in #​17543
• Use the original value of a field when propagating event (fixes #​17540) by @​calixteman in #​17541
• [Editor] Don't add the keyboard listener on the color-picker each time the dropdown menu is shown by @​calixteman in #​17539
• Avoid to have focused tests in using eslint-plugin-jasmine by @​calixteman in #​17548
• Use shorter arrow functions where possible by @​Snuffleupagus in #​17550
• Add more async code when loading fonts in the PartialEvaluator by @​Snuffleupagus in #​17553
• Don't ignore test.mjs child process exit codes in the Gulpfile by @​timvandermeij in #​17555
• Ensure that EvaluatorPreprocessor.opMap has a null-prototype (issue 17554) by @​Snuffleupagus in #​17556
• Print correctly documents containing chars with an unicode greater than 0xFFFF (bug 1669097) by @​calixteman in #​17558
• Add more async code in the PartialEvaluator by @​Snuffleupagus in #​17562
• Replace the webpack+acorn transform with a Babel plugin by @​nicolo-ribaudo in #​17563
• [Editor] Update the parameters in the UI of the last selected editor when undoing/redoing by @​calixteman in #​17564
• [Editor] Add the possibility to change the thickness of a free highlight (bug 1876096) by @​calixteman in #​17568
• Fix unreferenced CSS variables (PR 17533 follow-up) by @​Snuffleupagus in #​17578
• Reduce memory use and improve perfs when computing the bounding box of a bezier curve (bug 1875547) by @​calixteman in #​17574
• [Editor] Change the icon to add a FreeText annotation (bug 1876564) by @​calixteman in #​17580
• Fix the textLayer-opacity when using the FontInspector (PR 17533 follow-up) by @​Snuffleupagus in #​17587
• [Editor] Change the cursors for highlighting (bug 1876588) by @​calixteman in #​17581
• [Editor] Add a tooltip to the slider to set the thickness of free highlights by @​calixteman in #​17582
• Re-factor DefaultExternalServices into a regular class, without static methods by @​Snuffleupagus in #​17588
• Update dependencies/translations to the most recent versions by @​timvandermeij in #​17590
• Re-enable the should compress and save text unit-test (issue 17399) by @​Snuffleupagus in #​17591
• [GENERIC viewer] Generate the fileInput DOM-element dynamically by @​Snuffleupagus in #​17592
• Move the debuggerSrc-parameter into the AppOptions by @​Snuffleupagus in #​17593
• Fix transform of unary expression in Babel plugin by @​nicolo-ribaudo in #​17596
• [Editor] Update highlight cursors by @​calixteman in #​17598
• [Editor] Remove the outline which is inside the free highlight shape by @​calixteman in #​17586
• [Editor] Fix the position of the free highlight toolbar by @​calixteman in #​17602
• Ensure that GenericL10n works if the locale files cannot be loaded by @​Snuffleupagus in #​17603
• Initialize the ExternalServices-instance lazily in the viewer (PR 17588 follow-up) by @​Snuffleupagus in #​17604
• Change file permissions for newly added cursors by @​calixteman in #​17605
• Make downloadManager optional in AnnotationLayerParameters by @​wojtekmaj in #​17608
• Point the development mode fallback locale-path to the l10n-folder (issue 17609, PR 17603 follow-up) by @​Snuffleupagus in #​17610
• Use a limit, in more places, when splitting strings by @​Snuffleupagus in #​17619
• Simplify the signature of the PDFDataTransportStream constructor by @​Snuffleupagus in #​17620
• Implement caret browsing mode (bug 807730) by @​calixteman in #​17611
• [Editor] Set the right color to size samples in the highlight thickness panelwhen in HCM (bug 1879107) by @​calixteman in #​17638
• [Editor] Correctly rotate the mask when rotation a free highlight (bug 1879102) by @​calixteman in #​17639
• Remove support for require statements from the build system by @​Snuffleupagus in #​17634
• [Editor] Compute the position of the last point before applying rotation (bug 1879113) by @​calixteman in #​17643
• Update quickjs to 3f81070 by @​calixteman in #​17645
• Break import cycles, in the viewer, for PDFViewerApplication by @​Snuffleupagus in #​17646
• Update translations and dependencies to the most recent versions by @​timvandermeij in #​17655
• Prevent duplicate names in unit/integration tests by @​Snuffleupagus in #​17657
• Enable the no-new-symbol and require-yield ESLint rules by @​Snuffleupagus in #​17658
• [Editor] Disable the thickness slider for non-free highlight by @​calixteman in #​17652
• [Editor] Add a way to highlight text in using the keyboard (bug 1877426) by @​calixteman in #​17650
• Revert "Remove the enableStampEditor preference" (bug 1879588) by @​calixteman in #​17651
• Remove empty, top-level, nodes in the Babel plugin by @​Snuffleupagus in #​17647
• Modernize the webserver code (part 1) by @​timvandermeij in #​17661
• [Editor] Set rotated free highlight at the right position after having changed its thickness (bug 1879108) by @​calixteman in #​17662
• Tweak the issue 11878 unit-test parsing time check (PR 17428 follow-up) by @​Snuffleupagus in #​17663
• [Editor] Ends a free highlight where the mouse pointer is (bug 1879281) by @​calixteman in #​17664
• Skip any whitespace after the first object in linearized PDFs (issue 17665) by @​Snuffleupagus in #​17666
• When updating, write the xref table in the same format as the previous one (bug 1878916) by @​calixteman in #​17636
• Move the __non_webpack_import__ re-writing into the Babel plugin by @​Snuffleupagus in #​17637
• Fix the endoffset of the last glyph when it's followed by a null offset in the loca table by @​calixteman in #​17674
• Access PDFViewerApplication.findBar safely in more spots (PR 15831 follow-up) by @​Snuffleupagus in #​17676
• Add a dummy beginMarkedContentProps operator when optional content parsing fails (issue 17679) by @​Snuffleupagus in #​17680
• Change PDFPrintServiceFactory.createPrintService to take a parameter object by @​Snuffleupagus in #​17667
• Remove unneeded tweakWebpackOutput usage in the gulpfile (PR 17637 follow-up) by @​Snuffleupagus in #​17678
• Tweak the parseMinified handling slightly in the gulpfile by @​Snuffleupagus in #​17681
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​17685
• Modernize the webserver code (part 2) by @​timvandermeij in #​17684
• Run minification directly during Webpack building by @​Snuffleupagus in #​17686
• Disable source-map generation in the minified builds (PR 17686 follow-up) by @​Snuffleupagus in #​17687
• Avoid to access to a missing cidSystemInfo property by @​calixteman in #​17690
• [Editor] Avoid to scroll when an editor is unselected by @​calixteman in #​17688
• [Editor] Disable annotation layer when highlighting (bug 1868759) by @​calixteman in #​17702
• [Editor] Add the possibility to query some ML stuff to guess an alt text for an image by @​calixteman in #​17701
• [Editor] Add the possibility to create an highlight from the context menu when some text is selected (bug 1867739) by @​calixteman in #​17708
• [Editor] In caret browsing mode, get the caret position in the text layer (bug 1881692) by @​calixteman in #​17719
• Tweak how the hexNumbers Array, used by Util.makeHexColor, is built by @​Snuffleupagus in #​17718
• Fix the string GlobalConstants.IDS_INVALID_DATE by @​calixteman in #​17722
• [Editor] In caret browsing mode, allow to select in pressing shift and arrow down (bug 1881802) by @​calixteman in #​17720
• Avoid to have to wait to zoom after scrolling by @​calixteman in #​17724
• Update puppeteer to 22.3.0 by @​calixteman in #​17733
• Always add links in the annotation layer by @​calixteman in #​17738
• [Editor] Add some telemetry for the highlight feature (bug 1866437) by @​calixteman in #​17737
• [Editor] Count the colors used when highlighting whatever the highlight kind is by @​calixteman in #​17748
• Inline the HighlightEditor.#telemetryType getter at its only call-site (PR 17748 follow-up) by @​Snuffleupagus in #​17750
• [Editor] Add the possibility to move the caret with the keyboard once an highlight has been made (bug 1881684) by @​calixteman in #​17755
• [Editor] Make the delete button clickable with the space key (bug 1882248) by @​calixteman in #​17756
• [Editor] Enable the thickness input when no editors are selected (bug 1881219) by @​calixteman in #​17757
• Simplify the XMLHttpRequest-branch in the fetchData helper function (PR 17277 follow-up) by @​Snuffleupagus in #​17710
• [Editor] Fix the quadpoints value when serializing an highlight annotation by @​calixteman in #​17760
• [Editor] Indicate if the highlight-thickness slider is disabled by @​Snuffleupagus in #​17761
• [Editor] Set the creation method for free highlights to 'main_toolbar' (bug 1883394) by @​calixteman in #​17768
• [Editor] Unselect highlight editor when pressing Escape when the focus is on the color picker without a dropdown menu by @​calixteman in #​17766
• [Editor] Use a null instead of an empty stats object when sending the telemetry by @​calixteman in #​17764
• Don't stringify data for telemetry by @​calixteman in #​17772
• [GeckoView] Remove the open-in-app button (bug 1832519) by @​calixteman in #​17771
• [Editor] Let a free highlight be clipped when its bounding box exceeds the page limits (bug 1883632) by @​calixteman in #​17775
• [Annotations] Widget annotations must be in front of the other ones (bug 1883609) by @​calixteman in #​17776
• In the m-c automation, give the possibility to remove window listeners when a test ended by @​calixteman in #​17767
• [Editor] Add a toggle button to show/hide all the highlights (bug 1867740) by @​calixteman in #​17778
• [Editor] Make sure the alt-text button is there when pasting an image from an other tab by @​calixteman in #​17781
• Use the Fetch API to download the l10n files by @​Snuffleupagus in #​17711
• [Editor] Improve the accessibility of the highlight editor (bug 1881743) by @​calixteman in #​17788
• [api-minor] Implement basic support for OptionalContent Usage dicts (issue 5764, bug 1826783) by @​Snuffleupagus in #​17726
• Combine a few lines in the dist-pre target (PR 17681 follow-up) by @​Snuffleupagus in #​17717
• [Editor] Add a floating button close to the selected text to highlight it (bug 1867742) by @​calixteman in #​17732
• Use fs/promises in the Node.js-specific code in the src/-folder by @​Snuffleupagus in #​17714
• Add better validation for the "PREFERENCE" kind AppOptions by @​Snuffleupagus in #​17694
• When zooming the scrollbar can disappear and then no scrollend is triggered by @​calixteman in #​17793
• Bump follow-redirects from 1.15.4 to 1.15.6 by @​dependabot in #​17799
• Don't render corrupted inlined images by @​calixteman in #​17795
• Update packages and translations by @​Snuffleupagus in #​17800
• [Editor] Fix the rect used to click in some freetext integration tests by @​calixteman in #​17802
• [api-minor] Use the Fetch API, when supported, to load PDF documents in Node.js environments by @​Snuffleupagus in #​17706
• [Editor] Make the text layer focusable before the editors (bug 1881746) by @​calixteman in #​17790
• Don't hide the editor layer when rotating (follow-up of #​17802) by @​calixteman in #​17809
• Simplify the copy & paste integration test by @​calixteman in #​17811
• Move the alias-building out of the createWebpackConfig function by @​Snuffleupagus in #​17691
• [Editor] Make sure the text in the mark has null dimensions to avoid to see a meaningless rectangle in voiceover (bug 1886427) by @​calixteman in #​17814
• Avoid wrong scrolling when calling zoomReset by @​calixteman in #​17817
• Allow listening for preference changes in the Firefox PDF viewer (bug 1886586) by @​Snuffleupagus in #​17818
• Remove PDFViewerApplication.initPassiveLoading and directly invoke the open-method from the extension-specific code by @​Snuffleupagus in #​17813
• [Editor] Add a label to the highight floating button readable with NVDA (bug 1886964) by @​calixteman in #​17825
• Update puppeteer to 22.6.0 by @​calixteman in #​17831
• [Editor] Fix undoing an editor deletion (bug 1886959) by @​calixteman in #​17823
• Update the Path2D polyfill for Node.js environments by @​Snuffleupagus in #​17830
• Add alternative text to annotation if any by @​calixteman in #​17835
• [Editor] Add a divider before the show all button by @​calixteman in #​17827
• Increase the maxCanvasPixels value to 2 ** 25 by @​calixteman in #​17837
• A couple of small tweaks of the BasePreferences class by @​Snuffleupagus in #​17842
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​17844
• [Editor] Correctly handle lines when pasting some text in a freetext by @​calixteman in #​17852
• [api-minor] Update the minimum supported Google Chrome version to 98 by @​Snuffleupagus in #​17851
• Add better support for /Launch actions with /FileSpec dictionaries (issue 17846) by @​Snuffleupagus in #​17847
• Display outlines even if one has no title by @​calixteman in #​17857
• Ensure that Mesh /Shadings have non-zero width/height (issue 17848) by @​Snuffleupagus in #​17858
• Remove the addWindowResolutionChange listener unconditionally (PR 17767 follow-up) by @​Snuffleupagus in #​17865
• Avoid useless CSS animation when nothing is done (bug 1888657) by @​calixteman in #​17855
• Limit all compatibilityParams handling to the GENERIC viewer by @​Snuffleupagus in #​17861
• [api-minor] Replace the PromiseCapability with Promise.withResolvers() by @​Snuffleupagus in #​17854
• Don't translate char codes when platform,encoding isn't (3,0) by @​calixteman in #​17810
• Update the current stride before composing when decoding a text region by @​calixteman in #​17875
• [Editor] Remove the mark from the highlight element and set its role to mark (bug 1889623) by @​calixteman in #​17885
• Update dependencies and translations to the most recent versions by @​timvandermeij in #​17880
• Fix annotation border style parsing by handling empty dash arrays by @​timvandermeij in #​17905
• Convert the thumbnail view(er) code to use proper private methods by @​timvandermeij in #​17891
• Modernize the TTX driver code by @​timvandermeij in #​17890
• [Editor] Don't add an already added editor (bug 1890367) by @​calixteman in #​17907
• [Editor] Avoid calling setTimeout when editing an existing freetext by @​calixteman in #​17903
• Don't render annotations with a null dimension by @​calixteman in #​17908
• Use the string value of the field when calling the Format callback (bug 1889122) by @​calixteman in #​17882
• Tweak the fill-value of the Stamp-icon to work better in non-Firefox browsers by @​Snuffleupagus in #​17916
• Fix the RTL-rule for the editorHighlightShowAll button, such that it works outside of the Firefox PDF Viewer by @​Snuffleupagus in #​17917
• Implement a linting rule to discourage using waitForTimeout for new usages by @​timvandermeij in #​17915
• Don't install gulp-cli globally in the GitHub Actions workflows by @​timvandermeij in #​17913
• Fix the "must highlight text in the right position" integration test by @​timvandermeij in #​17893

v4.0.379

Compare Source

This release mainly contains improvements and bugfixes for the annotation editor functionality.

Changes since v4.0.269

• Bump the stable version in pdfjs.config by @​timvandermeij in #​17339
• Don't throw when there isn't enough data to get block info in flate stream by @​calixteman in #​17340
• [Editor] Avoid to a

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • ""
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}